Back to skill

Security audit

Elevio

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Elevio connector helper focused on reading and searching knowledge-base content, with no artifact evidence of hidden data access, destructive behavior, or exfiltration.

Before installing, confirm you trust OOMOL's oo CLI and are willing to connect your Elevio account through OOMOL. Use it for Elevio knowledge-base lookup tasks; require explicit user approval before running any future action that is tagged as write or destructive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The manifest describes the skill as only for searching and reading data, but the body explicitly discusses possible `[write]` and `[destructive]` actions. That mismatch can mislead users or higher-level agents into trusting the skill as read-only, increasing the chance that future state-changing actions are invoked under an inaccurate safety assumption.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger text says to use this skill for ANY Elevio request, which is broader than necessary and can cause automatic selection in situations where a narrower or safer workflow would be preferable. In an agentic environment, overly broad routing increases the attack surface for unintended tool use and may bypass more context-specific validation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.